Ransomware Attack: The Colonial Pipeline Hack Reports Linkage With A VPN account

Shariq Tahir, Web Editor

05th Jun, 2021. 01:15 pm
The Colonial Pipeline ransomware attack was traced back to a specific VPN login

The Colonial Pipeline ransomware hack has reportedly been linked to the compromised credentials of a legacy VPN account, which hackers used to gain access to the network.

According to media reports, the pipeline ransomware hack resulted in gas shortages across the Southeast and a $4.4 payoff to the attackers.

Turton, a FireEye security researcher, revealed that the suspicious activity on Colonial Pipeline’s network began on April 29th.

However, the researcher was unable to confirm how the attackers accessed the login. There seems to be no evidence of phishing attempts, sophisticated or otherwise.

They eventually discovered that the employee’s password was present in a dump of logins shared on the dark web. However, by reusing the username with the attacker, they could find out how they got in.

Moreover, the U.S. Justice Department recently announced it is planning to elevate ransomware cases to the same priority assigned to terrorism cases.

Ransomware has also become a formidable problem for the Biden administration, particularly after the Colonial Pipeline attack.

A week after the pipeline attack was reported, a message appeared on Capital Pipeline’s computer screens, and the staff began to shut down operations.

The shutdown left such a massive impression that the pipeline’s CEO is scheduled to appear before a congressional committee. The DoJ has centralized ransomware cases in a similar way to terrorism cases.
